Operational Resilience Manager - Cyber - London Two days per week office based/Travel Salary £80-90k - Car Allowance - £10k Operational Resilience Manager required for a leading client based in London. My client is currently seeking a Operational Resilience Manager to come on to bolster the client's Technology & Cyber capability, aiding in readiness, response, and recovery from disruptions to our global tech infrastructure. Serving as a trusted advisor, you'll offer expertise in Operational Resilience concerning technology and cybersecurity. Your background should encompass disciplines like Business Continuity, Disaster Recovery, Cyber Security, Risk Management, Incident, and Crisis Management. Collaborating closely with colleagues in Group Risk, Group IT, and Group Cyber Security, you'll analyse present and future risks, threat trends, pinpoint vulnerabilities, and propose mitigation strategies. Take charge of advancing the elements within the Resilience Framework to meet our yearly objectives and attain our desired level of maturity, both current and future. This involves setting up and managing our Resilience Dashboard, ensuring the currency of KPIs and other metrics related to the organization's resilience capabilities across the Group. Key skills, Uphold the core values of the client, adhering to standards of business conduct, compliance with Group policies and procedures, and setting a positive example. Demonstrate integrity and ethical behaviour in accordance with the Group Code of Conduct. Develop technology and cybersecurity crisis readiness plans for activation in disaster scenarios and assist in conducting crisis simulation exercises. Interact with a broad spectrum of stakeholders at various organizational levels, both corporate and operational, to furnish them with pertinent, timely, and precise information guiding business decisions. Oversee the implementation of resilience projects, ensuring meticulous project management and maintaining high standards across all deliverables. Develop and implement a comprehensive operational resilience strategy aligned with organizational goals and regulatory requirements, fostering the client's ability to prevent, respond to, and recover from operational risks and their impacts. Stay informed as a subject matter expert, keeping abreast of the latest developments and innovations in the field. Coordinate incident response activities and facilitate effective communication among teams during incidents. Possess knowledge and experience in developing and implementing organizational resilience frameworks, preferably within the manufacturing sector. Possess one or more desirable certifications such as Business Continuity Management Certification (ISO 22301), ISO 27001, CBCI, CMCS, CISSP, or CISM. Have a foundational understanding of frameworks like NIST CSF and ISO 27001. Interested? Please submit your updated CV to Dean Parkes at Crimson for immediate consideration Not interested? Do you know someone who might be a perfect fit for this role? Refer a friend and earn £250 worth of vouchers! Crimson is acting as an employment agency regarding this vacancy
16/05/2024
Full time
Operational Resilience Manager - Cyber - London Two days per week office based/Travel Salary £80-90k - Car Allowance - £10k Operational Resilience Manager required for a leading client based in London. My client is currently seeking a Operational Resilience Manager to come on to bolster the client's Technology & Cyber capability, aiding in readiness, response, and recovery from disruptions to our global tech infrastructure. Serving as a trusted advisor, you'll offer expertise in Operational Resilience concerning technology and cybersecurity. Your background should encompass disciplines like Business Continuity, Disaster Recovery, Cyber Security, Risk Management, Incident, and Crisis Management. Collaborating closely with colleagues in Group Risk, Group IT, and Group Cyber Security, you'll analyse present and future risks, threat trends, pinpoint vulnerabilities, and propose mitigation strategies. Take charge of advancing the elements within the Resilience Framework to meet our yearly objectives and attain our desired level of maturity, both current and future. This involves setting up and managing our Resilience Dashboard, ensuring the currency of KPIs and other metrics related to the organization's resilience capabilities across the Group. Key skills, Uphold the core values of the client, adhering to standards of business conduct, compliance with Group policies and procedures, and setting a positive example. Demonstrate integrity and ethical behaviour in accordance with the Group Code of Conduct. Develop technology and cybersecurity crisis readiness plans for activation in disaster scenarios and assist in conducting crisis simulation exercises. Interact with a broad spectrum of stakeholders at various organizational levels, both corporate and operational, to furnish them with pertinent, timely, and precise information guiding business decisions. Oversee the implementation of resilience projects, ensuring meticulous project management and maintaining high standards across all deliverables. Develop and implement a comprehensive operational resilience strategy aligned with organizational goals and regulatory requirements, fostering the client's ability to prevent, respond to, and recover from operational risks and their impacts. Stay informed as a subject matter expert, keeping abreast of the latest developments and innovations in the field. Coordinate incident response activities and facilitate effective communication among teams during incidents. Possess knowledge and experience in developing and implementing organizational resilience frameworks, preferably within the manufacturing sector. Possess one or more desirable certifications such as Business Continuity Management Certification (ISO 22301), ISO 27001, CBCI, CMCS, CISSP, or CISM. Have a foundational understanding of frameworks like NIST CSF and ISO 27001. Interested? Please submit your updated CV to Dean Parkes at Crimson for immediate consideration Not interested? Do you know someone who might be a perfect fit for this role? Refer a friend and earn £250 worth of vouchers! Crimson is acting as an employment agency regarding this vacancy
Technology Resilience Lead - Disaster Recovery - London Salary £60-70k - 2 Day per week office based Bonus Scheme Technology Resilience Lead required for a leading client based in London. My client is currently seeking a suitable candidate to Support the capacity and capability of our clients' collective, including their operational entities and subsidiaries, to prepare for, respond to, and rebound from disruptions to our global technology infrastructure and operational environments. We seek a highly skilled IT professional with expertise in one or more of the following areas: infrastructure, cybersecurity, engineering, testing, and project management. Your dedication lies in ensuring our clients maintain a robust and resilient technological ecosystem, mitigating risks, and enhancing operational readiness. Your commitment extends to ensuring the continuity of critical business functions and technology systems despite disruptions or challenges. Your role entails defining the standards of technology resilience and overseeing the Group-wide Disaster Recovery program. This program emphasizes testing the resilience, continuity, and recoverability of our critical applications and systems. Key skills: -Display unwavering dedication to our clients' core values by adhering to our standards of business conduct, ensuring compliance with Group policies and procedures, and setting a precedent through personal example. -Your duties will encompass delineating the criteria for robust technology resilience and overseeing the Group-wide Disaster Recovery program, concentrating on assessing the resilience, continuity, and recoverability of vital applications and systems. -You'll collaborate with Technology Service Owners and broader Group IT and Operating Business teams to facilitate data restoration exercises and execute backups. This involves maintaining and testing existing backups to uphold data integrity and availability. -Conducting operational assessments of defined Disaster Recovery plans will be part of your responsibilities. This entails utilizing various methods such as checklists, walk-throughs, tabletop exercises, simulations (parallel or full interrupt), and comprehensive exercises, coordinated with related plans like IT DR plans and crisis management plans. -Furthermore, you'll integrate cybersecurity scenarios, analyse test outcomes, implement lessons learned, and incorporate necessary improvements or corrective actions into IT DR and Cyber Resilience plans. -By conducting post-incident reviews and analysing pre-planned testing outcomes, you'll continuously monitor and assess key performance indicators (KPIs) like recovery time objectives (RTOs) and recovery point objectives (RPOs). This process aims to continually enhance the efficiency and effectiveness of the disaster recovery program. -Foster a work environment that emphasizes the significance of employees acting with integrity and ethics, aligning with the Group Code of Conduct. -Serve as a subject matter expert, forging trusted partnerships with the business and staying abreast of the latest advancements and innovations in the field. -Assume responsibility for overseeing the implementation of the clients' disaster recovery plan in the event of a crisis, facilitating swift responses to potential disruptions such as cyberattacks or infrastructure damage. -Possessing one of the following certifications is advantageous: CompTIA Network +, CompTIA Security +, CISM, CISSP, or COBIT 5. -Demonstrate a fundamental understanding of frameworks such as NIST CSF, ISO 27001/27002, and COBIT. -Experience in Operational Technology Security, with the ability to identify and address IT and operational vulnerabilities, is preferred. Interested? Please submit your updated CV to Dean Parkes at Crimson for immediate consideration. Not interested? Do you know someone who might be a perfect fit for this role? Refer a friend and earn £250 worth of vouchers! Crimson is acting as an employment agency regarding this vacancy
16/05/2024
Full time
Technology Resilience Lead - Disaster Recovery - London Salary £60-70k - 2 Day per week office based Bonus Scheme Technology Resilience Lead required for a leading client based in London. My client is currently seeking a suitable candidate to Support the capacity and capability of our clients' collective, including their operational entities and subsidiaries, to prepare for, respond to, and rebound from disruptions to our global technology infrastructure and operational environments. We seek a highly skilled IT professional with expertise in one or more of the following areas: infrastructure, cybersecurity, engineering, testing, and project management. Your dedication lies in ensuring our clients maintain a robust and resilient technological ecosystem, mitigating risks, and enhancing operational readiness. Your commitment extends to ensuring the continuity of critical business functions and technology systems despite disruptions or challenges. Your role entails defining the standards of technology resilience and overseeing the Group-wide Disaster Recovery program. This program emphasizes testing the resilience, continuity, and recoverability of our critical applications and systems. Key skills: -Display unwavering dedication to our clients' core values by adhering to our standards of business conduct, ensuring compliance with Group policies and procedures, and setting a precedent through personal example. -Your duties will encompass delineating the criteria for robust technology resilience and overseeing the Group-wide Disaster Recovery program, concentrating on assessing the resilience, continuity, and recoverability of vital applications and systems. -You'll collaborate with Technology Service Owners and broader Group IT and Operating Business teams to facilitate data restoration exercises and execute backups. This involves maintaining and testing existing backups to uphold data integrity and availability. -Conducting operational assessments of defined Disaster Recovery plans will be part of your responsibilities. This entails utilizing various methods such as checklists, walk-throughs, tabletop exercises, simulations (parallel or full interrupt), and comprehensive exercises, coordinated with related plans like IT DR plans and crisis management plans. -Furthermore, you'll integrate cybersecurity scenarios, analyse test outcomes, implement lessons learned, and incorporate necessary improvements or corrective actions into IT DR and Cyber Resilience plans. -By conducting post-incident reviews and analysing pre-planned testing outcomes, you'll continuously monitor and assess key performance indicators (KPIs) like recovery time objectives (RTOs) and recovery point objectives (RPOs). This process aims to continually enhance the efficiency and effectiveness of the disaster recovery program. -Foster a work environment that emphasizes the significance of employees acting with integrity and ethics, aligning with the Group Code of Conduct. -Serve as a subject matter expert, forging trusted partnerships with the business and staying abreast of the latest advancements and innovations in the field. -Assume responsibility for overseeing the implementation of the clients' disaster recovery plan in the event of a crisis, facilitating swift responses to potential disruptions such as cyberattacks or infrastructure damage. -Possessing one of the following certifications is advantageous: CompTIA Network +, CompTIA Security +, CISM, CISSP, or COBIT 5. -Demonstrate a fundamental understanding of frameworks such as NIST CSF, ISO 27001/27002, and COBIT. -Experience in Operational Technology Security, with the ability to identify and address IT and operational vulnerabilities, is preferred. Interested? Please submit your updated CV to Dean Parkes at Crimson for immediate consideration. Not interested? Do you know someone who might be a perfect fit for this role? Refer a friend and earn £250 worth of vouchers! Crimson is acting as an employment agency regarding this vacancy
Conexus have partnered with a global company within life sciences to source an incident management specialist to launch new initiatives around Incident Response. In this role, you'll be at the forefront, setting the example for junior team members. We're looking for someone with a process-oriented background, ideally from a highly regulated environment such as pharmaceuticals, banking, or a company specializing in SOC Services. While you won't directly manage people, a significant aspect of this role involves training the team. Hands-on experience in dealing with incidents is crucial. Responsibilities: Lead the incident response efforts, ensuring incidents are managed effectively and in line with established processes and initiatives. Mentor and train junior team members to enhance their skills and capabilities in incident response, fostering a culture of continuous improvement. Collaborate with stakeholders to understand business requirements and align incident response processes accordingly. Continuously assess and refine incident response procedures to ensure they meet industry standards and best practices. Act as a subject matter expert on incident response, providing guidance and support to the internal team and other stakeholders. Coordinate with external partners and vendors as needed to enhance incident response capabilities and stay updated on emerging threats. Document and analyze incident response activities to identify areas for improvement and implement corrective actions. Stay informed about the latest trends and developments in incident response and cybersecurity to inform strategic decision-making. Requirements: Demonstrated experience in incident response management, preferably in a process-oriented environment. Proven ability to lead incident response efforts and train junior team members effectively. Hands-on experience dealing with security incidents and a strong understanding of incident response methodologies. Background in a highly regulated industry such as pharmaceuticals or banking, or experience with SOC Services, is desirable. Excellent communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams. Relevant certifications such as CISSP, CISM, or GIAC certifications are a plus. If this position is of interest, please apply here or contact me directly for more details.
16/05/2024
Project-based
Conexus have partnered with a global company within life sciences to source an incident management specialist to launch new initiatives around Incident Response. In this role, you'll be at the forefront, setting the example for junior team members. We're looking for someone with a process-oriented background, ideally from a highly regulated environment such as pharmaceuticals, banking, or a company specializing in SOC Services. While you won't directly manage people, a significant aspect of this role involves training the team. Hands-on experience in dealing with incidents is crucial. Responsibilities: Lead the incident response efforts, ensuring incidents are managed effectively and in line with established processes and initiatives. Mentor and train junior team members to enhance their skills and capabilities in incident response, fostering a culture of continuous improvement. Collaborate with stakeholders to understand business requirements and align incident response processes accordingly. Continuously assess and refine incident response procedures to ensure they meet industry standards and best practices. Act as a subject matter expert on incident response, providing guidance and support to the internal team and other stakeholders. Coordinate with external partners and vendors as needed to enhance incident response capabilities and stay updated on emerging threats. Document and analyze incident response activities to identify areas for improvement and implement corrective actions. Stay informed about the latest trends and developments in incident response and cybersecurity to inform strategic decision-making. Requirements: Demonstrated experience in incident response management, preferably in a process-oriented environment. Proven ability to lead incident response efforts and train junior team members effectively. Hands-on experience dealing with security incidents and a strong understanding of incident response methodologies. Background in a highly regulated industry such as pharmaceuticals or banking, or experience with SOC Services, is desirable. Excellent communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams. Relevant certifications such as CISSP, CISM, or GIAC certifications are a plus. If this position is of interest, please apply here or contact me directly for more details.
Senior Cloud Network Engineer Permanent, 3 days in office in London Overview: The Company is a leading financial services firm. The technology is being transformed to a Cloud-First, Cloud-Native architectural model, utilizing DevSecOps processes and adoption of systems-thinking concepts to enhance productivity. The Cloud Network Engineer are responsible for delivering modern end user solutions that are fully automated through code, ensuring scalability and optimize availability and reliability 24/7. Responsibilities: Engineer and secure core Azure platform services across global footprint. Go deep on Cloud Network Engineer, adopting Zero Trust Architecture principles. Engineer and maintain Cloud Secure Web Gateways, Next-Gen CASB solutions Advance branch/SD-WAN solution to optimise network performance and connectivity. Colloborate with other areas of engineering and Service operations to ensure the successful integration of SSE/SASE Automate every operational aspect of infrastructure and systems life cycle Respond to incidents. Run Infrastructure with Python/PowerShell, Ansible, Terraform, Azure DevOps, CI/CD, Kubernetes. Design, build and maintain core infrastructure. Debub production issues Requirements: Strong experience in Windows Servers, Virtulisation, Containerisation tech on Azure Proficiency in Object Oriented programming and developing automated solutions through code. Experience in configuration management systems like Ansible Passion for network security and desire to protect organisations from cyber threats. Keen on Open Source development. Collaborative and able to communicate effectively and asynchronously.
16/05/2024
Full time
Senior Cloud Network Engineer Permanent, 3 days in office in London Overview: The Company is a leading financial services firm. The technology is being transformed to a Cloud-First, Cloud-Native architectural model, utilizing DevSecOps processes and adoption of systems-thinking concepts to enhance productivity. The Cloud Network Engineer are responsible for delivering modern end user solutions that are fully automated through code, ensuring scalability and optimize availability and reliability 24/7. Responsibilities: Engineer and secure core Azure platform services across global footprint. Go deep on Cloud Network Engineer, adopting Zero Trust Architecture principles. Engineer and maintain Cloud Secure Web Gateways, Next-Gen CASB solutions Advance branch/SD-WAN solution to optimise network performance and connectivity. Colloborate with other areas of engineering and Service operations to ensure the successful integration of SSE/SASE Automate every operational aspect of infrastructure and systems life cycle Respond to incidents. Run Infrastructure with Python/PowerShell, Ansible, Terraform, Azure DevOps, CI/CD, Kubernetes. Design, build and maintain core infrastructure. Debub production issues Requirements: Strong experience in Windows Servers, Virtulisation, Containerisation tech on Azure Proficiency in Object Oriented programming and developing automated solutions through code. Experience in configuration management systems like Ansible Passion for network security and desire to protect organisations from cyber threats. Keen on Open Source development. Collaborative and able to communicate effectively and asynchronously.
IT Security Officer NCSC, ISO27001, CIPT, CISSP, CISM, CISA Up to 50k depending on skills and experience. Hybrid will need to be onsite when required. You need to live within commutable distance of Salisbury and due to the clients location, own transport is essential You must be eligible for SC clearance (lived and worked in UK for the last 5 years minimum) What does the company do: Our client provides infrastructure and support services to the armed forces. What You'll Be Doing: With a strong emphasis on Information Security and compliance, this role is fundamental in ensuring our client complies with its ongoing information security obligations, including but not limited to: MOD Accreditation, ISO27001 and Cyber Essentials Plus. This is a new opportunity which will give you scope to make the role your own and advance your career in the longer term. What You'll Need To Know: Minimum of 3 years of hands-on experience of delivering information security best practice Experience of owning and delivering information security initiatives, including awareness programmes, phishing simulations and training. Experience/understanding of National Cyber Security Centre (NCSC) best practices and guidance Experience of leading and conducting audits (especially ISO27001) is essential in this role. Familiar with principles of good data governance, cyber security and data protection. Ability to work across multiple technical projects simultaneously as required, delivering to deadlines Nice To Have: Experience of working in a MoD restricted environment and familiarity with MoD security standards A recognised information security certification (such as CIPT, CISSP, CISM, CISA, Lead Auditor for ISO27001 What You'll Get to mention a few: 25 days holiday plus bank holidays Holiday purchase to up to 35 days leave in one year 1-2 volunteering days Pension scheme Life assurance x 4 - SmartSourcing are a Disability Confident Employer and we promote, celebrate and value diversity, we are committed to promoting equality and inclusion for all.
16/05/2024
Full time
IT Security Officer NCSC, ISO27001, CIPT, CISSP, CISM, CISA Up to 50k depending on skills and experience. Hybrid will need to be onsite when required. You need to live within commutable distance of Salisbury and due to the clients location, own transport is essential You must be eligible for SC clearance (lived and worked in UK for the last 5 years minimum) What does the company do: Our client provides infrastructure and support services to the armed forces. What You'll Be Doing: With a strong emphasis on Information Security and compliance, this role is fundamental in ensuring our client complies with its ongoing information security obligations, including but not limited to: MOD Accreditation, ISO27001 and Cyber Essentials Plus. This is a new opportunity which will give you scope to make the role your own and advance your career in the longer term. What You'll Need To Know: Minimum of 3 years of hands-on experience of delivering information security best practice Experience of owning and delivering information security initiatives, including awareness programmes, phishing simulations and training. Experience/understanding of National Cyber Security Centre (NCSC) best practices and guidance Experience of leading and conducting audits (especially ISO27001) is essential in this role. Familiar with principles of good data governance, cyber security and data protection. Ability to work across multiple technical projects simultaneously as required, delivering to deadlines Nice To Have: Experience of working in a MoD restricted environment and familiarity with MoD security standards A recognised information security certification (such as CIPT, CISSP, CISM, CISA, Lead Auditor for ISO27001 What You'll Get to mention a few: 25 days holiday plus bank holidays Holiday purchase to up to 35 days leave in one year 1-2 volunteering days Pension scheme Life assurance x 4 - SmartSourcing are a Disability Confident Employer and we promote, celebrate and value diversity, we are committed to promoting equality and inclusion for all.
Senior Network Security Infrastructure Engineer City of London (Hybrid) Up to £125,000 per annum On behalf of a Leading City of London based financial services organisation, I am seeking an experienced Senior Network Security Infrastructure Engineer. You will have responsibility for the delivery of Network Security Engineering projects and providing 3rd level technical support for the organisations Global Network Infrastructure. As part of a Global Network Engineering team, the successful candidate will be a strong technical lead with excellent troubleshooting skills. Due to the organisation operating a hybrid work model, you will need to be within commuting distance of their City of London offices and able to commit to 3 days per week in office. Responsibilities: Consult with Cybersecurity to deliver network security layer 3/4 protections Deliver on premise and cloud configuration across our Network Security Infrastructure Provide oversight and contribute to key security projects to deliver solutions and services which align with overall business objectives Provide the organisation with SME expertise in network security technical policy, technologies and mechanisms Provide expert knowledge of Enterprise Network Security concepts, frameworks and products Ability to automate security control and products Ensure engineering projects are transitioned to the network operations team following the organisations Permit to Operate process Troubleshoot complex technical issues, working with customers and third-party suppliers Contribute to knowledge sharing by maintaining accurate documentation and articles. Experience/Skills required: Strong understanding of a broad range of technical skills in IT Infrastructure including networks, cloud services, network security infrastructure and threat prevention techniques Solid experience working as a senior engineer within enterprise environment Experience working in Financial Services, either directly or through a service provider Strong knowledge and advanced troubleshooting experience of enterprise class Firewalls both on-premise and cloud based including Fortinet Good knowledge of application & content delivery platforms: f5 - BIG-IQ, AFM, ASM, LTM, GTM & DDoS mitigation Strong Knowledge of Application Level & Network Layer Security Protections Strong knowledge of dynamic routing protocols: BGP, OSPF Strong knowledge of packet level troubleshooting with Wireshark Strong knowledge of AWS Security tools & features Working knowledge of NIST and CIS controls.
16/05/2024
Full time
Senior Network Security Infrastructure Engineer City of London (Hybrid) Up to £125,000 per annum On behalf of a Leading City of London based financial services organisation, I am seeking an experienced Senior Network Security Infrastructure Engineer. You will have responsibility for the delivery of Network Security Engineering projects and providing 3rd level technical support for the organisations Global Network Infrastructure. As part of a Global Network Engineering team, the successful candidate will be a strong technical lead with excellent troubleshooting skills. Due to the organisation operating a hybrid work model, you will need to be within commuting distance of their City of London offices and able to commit to 3 days per week in office. Responsibilities: Consult with Cybersecurity to deliver network security layer 3/4 protections Deliver on premise and cloud configuration across our Network Security Infrastructure Provide oversight and contribute to key security projects to deliver solutions and services which align with overall business objectives Provide the organisation with SME expertise in network security technical policy, technologies and mechanisms Provide expert knowledge of Enterprise Network Security concepts, frameworks and products Ability to automate security control and products Ensure engineering projects are transitioned to the network operations team following the organisations Permit to Operate process Troubleshoot complex technical issues, working with customers and third-party suppliers Contribute to knowledge sharing by maintaining accurate documentation and articles. Experience/Skills required: Strong understanding of a broad range of technical skills in IT Infrastructure including networks, cloud services, network security infrastructure and threat prevention techniques Solid experience working as a senior engineer within enterprise environment Experience working in Financial Services, either directly or through a service provider Strong knowledge and advanced troubleshooting experience of enterprise class Firewalls both on-premise and cloud based including Fortinet Good knowledge of application & content delivery platforms: f5 - BIG-IQ, AFM, ASM, LTM, GTM & DDoS mitigation Strong Knowledge of Application Level & Network Layer Security Protections Strong knowledge of dynamic routing protocols: BGP, OSPF Strong knowledge of packet level troubleshooting with Wireshark Strong knowledge of AWS Security tools & features Working knowledge of NIST and CIS controls.
Title: Cyber Security Team Lead Location: Leeds - Hybrid Salary: Up to £80,000 Reports: 3 direct experienced reports and a graduate Requirements: Azure Security experience - Designing and implementing solutions Our client is currently seeking a Cyber Security Team Lead to join their security function in a newly created role. As a Cyber Security Team Leader, you will play a vital role in maintaining the integrity and availability of our clients' data, while providing leadership and support to the Cyber Security Team. Purpose of the Role The primary responsibility of the Cyber Security Team Lead is to provide leadership in maintaining the integrity and availability of our client's data and serve as the interface for cyber security throughout the IT Department. You will be responsible for ensuring a secure infrastructure for the company's data and customers by utilising your leadership skills, analytical capabilities, and advanced knowledge in cyber security. Key Responsibilities Responsible for the day-to-day management of the Cyber Security Team, including defining and managing rotas, proactive quality review of team activities, and adherence to processes and procedures. Confidently deputise for the Cyber Security Manager when required. Create and manage the Security cloud migration process, identifying and resolving gaps through experience. Actively manage complaints and escalations, proactively identifying and resolving issues before they become complaints/escalations. Develop, manage, and maintain the security of the firm's IT services, including patching, resolving vulnerabilities, and system hardening. Create and update security support documentation, including processes and procedures. Collaborate with the IT Department in implementing and maintaining security measures across the infrastructure. Act as the escalation point for security incidents, ensuring prompt incident management and response. Manage forensic investigations and reporting, engaging third-party specialists when required.s. Key Requirements Proven track record in leading a technical security team. Demonstrated experience in planning, developing, and implementing Azure security technologies. Familiarity with security technologies such as SIEM, Firewalls, intrusion detection/prevention systems, antivirus software, authentication systems, and log management. Strong knowledge of security approaches, including risk analysis, attack vectors, cryptography, and cyber security incident response best practices. If the above role sounds like the right step in your career then please get in touch for some more information.
16/05/2024
Full time
Title: Cyber Security Team Lead Location: Leeds - Hybrid Salary: Up to £80,000 Reports: 3 direct experienced reports and a graduate Requirements: Azure Security experience - Designing and implementing solutions Our client is currently seeking a Cyber Security Team Lead to join their security function in a newly created role. As a Cyber Security Team Leader, you will play a vital role in maintaining the integrity and availability of our clients' data, while providing leadership and support to the Cyber Security Team. Purpose of the Role The primary responsibility of the Cyber Security Team Lead is to provide leadership in maintaining the integrity and availability of our client's data and serve as the interface for cyber security throughout the IT Department. You will be responsible for ensuring a secure infrastructure for the company's data and customers by utilising your leadership skills, analytical capabilities, and advanced knowledge in cyber security. Key Responsibilities Responsible for the day-to-day management of the Cyber Security Team, including defining and managing rotas, proactive quality review of team activities, and adherence to processes and procedures. Confidently deputise for the Cyber Security Manager when required. Create and manage the Security cloud migration process, identifying and resolving gaps through experience. Actively manage complaints and escalations, proactively identifying and resolving issues before they become complaints/escalations. Develop, manage, and maintain the security of the firm's IT services, including patching, resolving vulnerabilities, and system hardening. Create and update security support documentation, including processes and procedures. Collaborate with the IT Department in implementing and maintaining security measures across the infrastructure. Act as the escalation point for security incidents, ensuring prompt incident management and response. Manage forensic investigations and reporting, engaging third-party specialists when required.s. Key Requirements Proven track record in leading a technical security team. Demonstrated experience in planning, developing, and implementing Azure security technologies. Familiarity with security technologies such as SIEM, Firewalls, intrusion detection/prevention systems, antivirus software, authentication systems, and log management. Strong knowledge of security approaches, including risk analysis, attack vectors, cryptography, and cyber security incident response best practices. If the above role sounds like the right step in your career then please get in touch for some more information.
Robert Walters is working in partnership with a national market leading business. They specialise in distribution, construction and building materials. With a long-standing history, they employ over 16,000 employees with an enterprise technology estate to support their business services. Due to continued growth, they are keen to appoint an Information Security Cloud Analyst, based out of the Northampton offices with a hybrid working model paying as salary up to £55,000 plus benefits. As an experienced Information Security Cloud Analyst, you will hold responsibility for maintaining and improving all security operational procedures. In addition to processes, technical controls, monitoring, detecting and responding to security threats. You will carryout threat intelligence and the management of security testing in order to reduce operation InfoSec risks. Information Security Cloud Analyst - Duties Config/Scheduling of vulnerability scans within vulnerability management programme Monitor/Prioritise/Remediation of identified vulnerabilities Organise penetration tests with 3rd party providers and remediate vulnerabilities on risk basis Investigate and resolution of InfoSec incidents, requests and investigations Ensure communication of incidents between SOC and technical support teams Support the ISI process for major cyber incidents SecOps reporting Searching/Identification/Resolution of IOCs and IOBs Enforce secure configurations and polices for on prem infrastructure Multi cloud platforms - AWS, GCP The permanent opportunity for an Information Security Cloud Analyst, will pay up to £55,000 plus benefits and offer a hybrid working model from their Northampton offices. This is an opportunity to join a market leading business that has grown year on year. For further information, please apply with an updated CV and contact Ajay Hayre on (see below) Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from all candidates
16/05/2024
Full time
Robert Walters is working in partnership with a national market leading business. They specialise in distribution, construction and building materials. With a long-standing history, they employ over 16,000 employees with an enterprise technology estate to support their business services. Due to continued growth, they are keen to appoint an Information Security Cloud Analyst, based out of the Northampton offices with a hybrid working model paying as salary up to £55,000 plus benefits. As an experienced Information Security Cloud Analyst, you will hold responsibility for maintaining and improving all security operational procedures. In addition to processes, technical controls, monitoring, detecting and responding to security threats. You will carryout threat intelligence and the management of security testing in order to reduce operation InfoSec risks. Information Security Cloud Analyst - Duties Config/Scheduling of vulnerability scans within vulnerability management programme Monitor/Prioritise/Remediation of identified vulnerabilities Organise penetration tests with 3rd party providers and remediate vulnerabilities on risk basis Investigate and resolution of InfoSec incidents, requests and investigations Ensure communication of incidents between SOC and technical support teams Support the ISI process for major cyber incidents SecOps reporting Searching/Identification/Resolution of IOCs and IOBs Enforce secure configurations and polices for on prem infrastructure Multi cloud platforms - AWS, GCP The permanent opportunity for an Information Security Cloud Analyst, will pay up to £55,000 plus benefits and offer a hybrid working model from their Northampton offices. This is an opportunity to join a market leading business that has grown year on year. For further information, please apply with an updated CV and contact Ajay Hayre on (see below) Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from all candidates
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
16/05/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
16/05/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
Senior GRC Specialist Salary: $120k-$135k + 10% bonus Location: Chicago, IL or Austin, TX Hybrid: 3 days in-office, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC Technical writing experience 4+ years of Information Security experience Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of Privileged Access Management technologies Responsibilities Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards, and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cybersecurity and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and life cycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes roadmap development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards.
15/05/2024
Full time
Senior GRC Specialist Salary: $120k-$135k + 10% bonus Location: Chicago, IL or Austin, TX Hybrid: 3 days in-office, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC Technical writing experience 4+ years of Information Security experience Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of Privileged Access Management technologies Responsibilities Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards, and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cybersecurity and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and life cycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes roadmap development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards.
Senior GRC Specialist Salary: $120k-$135k + 10% bonus Location: Chicago, IL or Austin, TX Hybrid: 3 days in-office, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC Technical writing experience 4+ years of Information Security experience Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of Privileged Access Management technologies Responsibilities Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards, and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cybersecurity and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and life cycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes roadmap development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards.
15/05/2024
Full time
Senior GRC Specialist Salary: $120k-$135k + 10% bonus Location: Chicago, IL or Austin, TX Hybrid: 3 days in-office, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC Technical writing experience 4+ years of Information Security experience Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of Privileged Access Management technologies Responsibilities Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards, and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cybersecurity and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and life cycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes roadmap development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards.
Role: IT Specialist Location: Great Yarmouth Work Type: Contract Duration: 6 months Work Model: Hybrid My client, who is a leader in the energy sector, is looking for an IT Specialist to join their team on contract basis. You will be part of a company who are committed to safety and sustainability and drive the transition to renewable energy. With over a decade of experience, they operate the industry's largest fleet of jack-up installation vessels, ensuring flexibility and scalability for green projects. In this role you will: Assist on-site staff with technical issues through phone, email, and face-to-face interactions. Oversee, address, and close tickets within the designated ticketing system. Diagnose and fix hardware and software problems across various devices and company IT systems. Essential Skills: 2+ years of experience in IT support or other relevant positions in an IT department. Proficiency in troubleshooting general IT hardware, software, and network issues. Possess basic to intermediate understanding of cybersecurity and potential risks. Strong communication skills in both spoken and written English If you are a results-oriented professional with a passion for driving excellence in IT Specialist and Technical Support Specialist, we invite you to apply for this exciting opportunity by sharing your CV. Randstad Technologies is acting as an Employment Business in relation to this vacancy.
15/05/2024
Project-based
Role: IT Specialist Location: Great Yarmouth Work Type: Contract Duration: 6 months Work Model: Hybrid My client, who is a leader in the energy sector, is looking for an IT Specialist to join their team on contract basis. You will be part of a company who are committed to safety and sustainability and drive the transition to renewable energy. With over a decade of experience, they operate the industry's largest fleet of jack-up installation vessels, ensuring flexibility and scalability for green projects. In this role you will: Assist on-site staff with technical issues through phone, email, and face-to-face interactions. Oversee, address, and close tickets within the designated ticketing system. Diagnose and fix hardware and software problems across various devices and company IT systems. Essential Skills: 2+ years of experience in IT support or other relevant positions in an IT department. Proficiency in troubleshooting general IT hardware, software, and network issues. Possess basic to intermediate understanding of cybersecurity and potential risks. Strong communication skills in both spoken and written English If you are a results-oriented professional with a passion for driving excellence in IT Specialist and Technical Support Specialist, we invite you to apply for this exciting opportunity by sharing your CV. Randstad Technologies is acting as an Employment Business in relation to this vacancy.
In a world of increasing digital connectivity, parallels the rise of cyber threats. Therefore, transformative Systems Engineers are required to make a real difference influencing some of the most important decisions across the full spectrum of the business. Ambitious and driven Systems Engineers are needed to join their industry-leading team of experts, in a consultative and client-facing environment. No day will ever be the same, by helping the UK become a safer place, from business transformation through to large-scale Cyber programme delivery. The successful candidate will have the ability to manage a variety of stakeholders as one will manage cross-functional projects. We'd love client facing and consulting capability, along with a few of the following: Experience of working as a System Engineer within IT, networking, digital or cyber security Ideally working in a Consultancy, large Systems Integrator or public sector organisation delivering complex products and services ie Defence/Law Enforcement/National Security/Public Sector Technical exposure includes: delivery life cycles (V-model), spiral and agile, technical risk management, cost & capability, requirements elicitation and management Excellent communication skills As well as gaining the opportunity to engage in a critical programme for the UK, this boutique Consultancy offers an array of learning and development platforms. From internal bespoke training masterclasses, to the development of new propositions to pitch to clients, you can engage, contribute and grow within the Security Sector team. Due to the nature of the work, DV clearance will be required. Please get in touch to find out more: (see below)
15/05/2024
Full time
In a world of increasing digital connectivity, parallels the rise of cyber threats. Therefore, transformative Systems Engineers are required to make a real difference influencing some of the most important decisions across the full spectrum of the business. Ambitious and driven Systems Engineers are needed to join their industry-leading team of experts, in a consultative and client-facing environment. No day will ever be the same, by helping the UK become a safer place, from business transformation through to large-scale Cyber programme delivery. The successful candidate will have the ability to manage a variety of stakeholders as one will manage cross-functional projects. We'd love client facing and consulting capability, along with a few of the following: Experience of working as a System Engineer within IT, networking, digital or cyber security Ideally working in a Consultancy, large Systems Integrator or public sector organisation delivering complex products and services ie Defence/Law Enforcement/National Security/Public Sector Technical exposure includes: delivery life cycles (V-model), spiral and agile, technical risk management, cost & capability, requirements elicitation and management Excellent communication skills As well as gaining the opportunity to engage in a critical programme for the UK, this boutique Consultancy offers an array of learning and development platforms. From internal bespoke training masterclasses, to the development of new propositions to pitch to clients, you can engage, contribute and grow within the Security Sector team. Due to the nature of the work, DV clearance will be required. Please get in touch to find out more: (see below)
Your new company Working for a market leading group of companies with a strong focus on security across the globe. Providing sector specific technology to provide tailored solutions. Your new role Responsible for managing Networking, IT Infrastructure, Cloud solutions and delivering end-user support to a range of desktop, mobile and business software applications. Leading with your expert knowledge of support teams, including infrastructure engineers and service desk professionals to deliver excellent technical services. The position will take the lead in working with 3rd party vendors and the wider internal teams to support in consulting and the delivery of the company's IT strategy. What you'll need to succeed A strong understanding of operating in an ITIL environment with excellent networking experience alongside support for Microsoft solutions. Capable and hands-on experience with Cisco network deployments (CCNA/CCNP Desirable) Demonstrable proficiency with Azure and On-Prem Infrastructure Experience with managing teams to ensure KPIs and SLAs are achieved & exceeded and to support their development. Able to share your expert knowledge with the wider team to develop an effective service. Firewall deployment, particularly across SD-WAN solutions. Strong understanding of Cybersecurity to maintain system integrity. Delivering end-user support to a range of desktop, mobile and business software applications. What you'll get in return Salary of up to £55,000 DOE Elements of Hybrid with a 3 in 2 from home split Options for Flexible working hours provided Core hours are covered. Chance to improve your knowledge and personal development. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found on our website.
15/05/2024
Full time
Your new company Working for a market leading group of companies with a strong focus on security across the globe. Providing sector specific technology to provide tailored solutions. Your new role Responsible for managing Networking, IT Infrastructure, Cloud solutions and delivering end-user support to a range of desktop, mobile and business software applications. Leading with your expert knowledge of support teams, including infrastructure engineers and service desk professionals to deliver excellent technical services. The position will take the lead in working with 3rd party vendors and the wider internal teams to support in consulting and the delivery of the company's IT strategy. What you'll need to succeed A strong understanding of operating in an ITIL environment with excellent networking experience alongside support for Microsoft solutions. Capable and hands-on experience with Cisco network deployments (CCNA/CCNP Desirable) Demonstrable proficiency with Azure and On-Prem Infrastructure Experience with managing teams to ensure KPIs and SLAs are achieved & exceeded and to support their development. Able to share your expert knowledge with the wider team to develop an effective service. Firewall deployment, particularly across SD-WAN solutions. Strong understanding of Cybersecurity to maintain system integrity. Delivering end-user support to a range of desktop, mobile and business software applications. What you'll get in return Salary of up to £55,000 DOE Elements of Hybrid with a 3 in 2 from home split Options for Flexible working hours provided Core hours are covered. Chance to improve your knowledge and personal development. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found on our website.
Global Technology Solutions Ltd
Chippenham, Wiltshire
Cloud IT Solutions Technical Consultant - Service Desk Consultant Permanent - Chippenham Onsite/Hybrid Working £45,000 - £60,000 Must Drive - Happy to Travel as needed. You will be an experienced Technical Consultant with a methodical approach to problem-solving who has an enthusiastic "can do" attitude. You have ambition and a growth mindset so you will be keen to learn, progress and are willing to study to become an exceptional IT professional. MAIN DUTIES * Architect, Design, and Implement Modern Cloud IT Solutions * Completion of Infrastructure, Cyber Risk and Microsoft 365 Adoption Consultancy * Escalation Technical Resource for Project Engineers * Work as part of our dedicated Projects Team away from the Service Desk * Support and guide our customers on their Technical Roadmap * Work with the Projects Administrator to ensure projects are a success * Assist the commercial team with technical roadmaps and presales consultancy ESSENTIAL SKILLS & EXPERIENCE * At least 4 years' experience progressing through a service desk 1st/2nd/3rd line to Technical Consultant * Microsoft Azure (Migration, Deployment and Management of services) * Microsoft 365 including Modern Endpoint Management and Security * Hyper-V/VMware in both on-premises and hybrid deployments * Networking (TCP/IP, VLANs, routing, Firewalls, port forwarding and NAT etc.) * Comfortable communicating at all levels including Management, Senior Leadership Team and Board/Directors * Design and implementation of technical roadmaps, from start to finish. QUALIFICATIONS * Desirable Microsoft Certifications (MS-100/101, AZ-104, MS-500) * Desirable Security Certifications (Security+, CEH) WHAT WE OFFER People & Culture is the heartbeat. We believe success is built from within and is why we are incredibly proud of our team, our working environment and our fun, friendly and inclusive office culture. We live by our values. It is a fast paced, energetic and fun environment to be in. As an employee we will invest in you. We will invest in your training. We will invest our time and energy to help you develop your career and become the very best in your field of work. * Unlimited holiday * Performance and salary reviews * Enrolment into the Academy, aimed on your training and development needs with time available to complete during working hours * Access to online courses, work related plus more, all at your fingertips * Auto Enrolment pension scheme * Staff and Customer referral scheme * Great working atmosphere and balanced work environment - we are high performance and we take good care of each other * Employee socials and events run by our Social Committee * Lots of cake and fruit * And of course, you get to work for a fast-growing, modern, market leader like us! This is a fantastic opportunity to join a welcoming, dynamic company offering a great culture and the chance to build a successful career. NOTES 37.5 hours a week Mon-Fri, due to the nature of the job some occasional work at weekends and outside of normal hours may be required. Travel to customer sites may be required so the ability to travel as and when required is essential. This role requires a DBS and BPSS check as well as you to obtain SC clearance (fully funded). "In applying for this position, you consent to your personal data being shared with the specified employer and for your details to remain with GTS for as long as is necessary to process your application. See our Privacy Notice for full information Global Technology Solutions is acting as an Employment Agency in relation to this vacancy.
15/05/2024
Full time
Cloud IT Solutions Technical Consultant - Service Desk Consultant Permanent - Chippenham Onsite/Hybrid Working £45,000 - £60,000 Must Drive - Happy to Travel as needed. You will be an experienced Technical Consultant with a methodical approach to problem-solving who has an enthusiastic "can do" attitude. You have ambition and a growth mindset so you will be keen to learn, progress and are willing to study to become an exceptional IT professional. MAIN DUTIES * Architect, Design, and Implement Modern Cloud IT Solutions * Completion of Infrastructure, Cyber Risk and Microsoft 365 Adoption Consultancy * Escalation Technical Resource for Project Engineers * Work as part of our dedicated Projects Team away from the Service Desk * Support and guide our customers on their Technical Roadmap * Work with the Projects Administrator to ensure projects are a success * Assist the commercial team with technical roadmaps and presales consultancy ESSENTIAL SKILLS & EXPERIENCE * At least 4 years' experience progressing through a service desk 1st/2nd/3rd line to Technical Consultant * Microsoft Azure (Migration, Deployment and Management of services) * Microsoft 365 including Modern Endpoint Management and Security * Hyper-V/VMware in both on-premises and hybrid deployments * Networking (TCP/IP, VLANs, routing, Firewalls, port forwarding and NAT etc.) * Comfortable communicating at all levels including Management, Senior Leadership Team and Board/Directors * Design and implementation of technical roadmaps, from start to finish. QUALIFICATIONS * Desirable Microsoft Certifications (MS-100/101, AZ-104, MS-500) * Desirable Security Certifications (Security+, CEH) WHAT WE OFFER People & Culture is the heartbeat. We believe success is built from within and is why we are incredibly proud of our team, our working environment and our fun, friendly and inclusive office culture. We live by our values. It is a fast paced, energetic and fun environment to be in. As an employee we will invest in you. We will invest in your training. We will invest our time and energy to help you develop your career and become the very best in your field of work. * Unlimited holiday * Performance and salary reviews * Enrolment into the Academy, aimed on your training and development needs with time available to complete during working hours * Access to online courses, work related plus more, all at your fingertips * Auto Enrolment pension scheme * Staff and Customer referral scheme * Great working atmosphere and balanced work environment - we are high performance and we take good care of each other * Employee socials and events run by our Social Committee * Lots of cake and fruit * And of course, you get to work for a fast-growing, modern, market leader like us! This is a fantastic opportunity to join a welcoming, dynamic company offering a great culture and the chance to build a successful career. NOTES 37.5 hours a week Mon-Fri, due to the nature of the job some occasional work at weekends and outside of normal hours may be required. Travel to customer sites may be required so the ability to travel as and when required is essential. This role requires a DBS and BPSS check as well as you to obtain SC clearance (fully funded). "In applying for this position, you consent to your personal data being shared with the specified employer and for your details to remain with GTS for as long as is necessary to process your application. See our Privacy Notice for full information Global Technology Solutions is acting as an Employment Agency in relation to this vacancy.
NO SPONSORSHIP Manager, Internal Audit Information Technology & Security SALARY: $130k - $165k plus 15% bonus LOCATION: Dallas, TX 3 days in office 2 days remote Looking for a Manager of audit of information technology and security. You will manage a staff over Microsoft applications, archer and GRC. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Qualifications Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). Consulting and/or accounting firm experience. Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: Microsoft Office applications Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software Familiarity with: CyberArk, Splunk, SailPoint Familiarity with: ServiceNow, Jira, Confluence, GitHub Bachelor's degree 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
14/05/2024
Full time
NO SPONSORSHIP Manager, Internal Audit Information Technology & Security SALARY: $130k - $165k plus 15% bonus LOCATION: Dallas, TX 3 days in office 2 days remote Looking for a Manager of audit of information technology and security. You will manage a staff over Microsoft applications, archer and GRC. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Qualifications Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). Consulting and/or accounting firm experience. Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: Microsoft Office applications Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software Familiarity with: CyberArk, Splunk, SailPoint Familiarity with: ServiceNow, Jira, Confluence, GitHub Bachelor's degree 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
NO SPONSORSHIP Manager, Internal Audit Information Technology & Security SALARY: $130k - $165k plus 15% bonus LOCATION: Chicago, IL 3 days in office 2 days remote Looking for a Manager of audit of information technology and security. You will manage a staff over Microsoft applications, archer and GRC. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Qualifications Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). Consulting and/or accounting firm experience. Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: Microsoft Office applications Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software Familiarity with: CyberArk, Splunk, SailPoint Familiarity with: ServiceNow, Jira, Confluence, GitHub Bachelor's degree 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
14/05/2024
Full time
NO SPONSORSHIP Manager, Internal Audit Information Technology & Security SALARY: $130k - $165k plus 15% bonus LOCATION: Chicago, IL 3 days in office 2 days remote Looking for a Manager of audit of information technology and security. You will manage a staff over Microsoft applications, archer and GRC. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Qualifications Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). Consulting and/or accounting firm experience. Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: Microsoft Office applications Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software Familiarity with: CyberArk, Splunk, SailPoint Familiarity with: ServiceNow, Jira, Confluence, GitHub Bachelor's degree 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
We have an excellent Platform Engineer permanent job opportunity, which is hybrid working based in Manchester. Key to this role is supporting and delivering cloud migration programmes. The role includes designing, building and maintenance of the delivery infrastructure, systems and processes, leading with modern platforms and ways of working. Candidates applying for this role should have some of the following skills and experience:- Expertise and confidence to lead the definition and support of the Azure, AWS and GCP delivery platform in complex engagements, typically working in multi-disciplinary teams. Familiarity with collaboration suites ie Atlassian products (Jira, Confluence). Hands on with any of Azure, AWS or GCP Services. Automating cloud services. Exposure towards Infrastructure Management, Data Migration. Scripting with one or more of the following: Powershell, Python, Go. SecOps experience. Automating delivery of Infrastructure as Code (IaC) via Terraform. Deep understanding of CI/CD pipeline. Code Repository Management (eg Gitlab, GitHub, Bitbucket). Architecture awareness and experience around enterprise scale applications and distributed systems. Has a DevOps mind-set towards Automation. Understanding of Security Compliance PCI DSS, ISO, Cyber Essentials. Charlene Morrison - (see below)
14/05/2024
Full time
We have an excellent Platform Engineer permanent job opportunity, which is hybrid working based in Manchester. Key to this role is supporting and delivering cloud migration programmes. The role includes designing, building and maintenance of the delivery infrastructure, systems and processes, leading with modern platforms and ways of working. Candidates applying for this role should have some of the following skills and experience:- Expertise and confidence to lead the definition and support of the Azure, AWS and GCP delivery platform in complex engagements, typically working in multi-disciplinary teams. Familiarity with collaboration suites ie Atlassian products (Jira, Confluence). Hands on with any of Azure, AWS or GCP Services. Automating cloud services. Exposure towards Infrastructure Management, Data Migration. Scripting with one or more of the following: Powershell, Python, Go. SecOps experience. Automating delivery of Infrastructure as Code (IaC) via Terraform. Deep understanding of CI/CD pipeline. Code Repository Management (eg Gitlab, GitHub, Bitbucket). Architecture awareness and experience around enterprise scale applications and distributed systems. Has a DevOps mind-set towards Automation. Understanding of Security Compliance PCI DSS, ISO, Cyber Essentials. Charlene Morrison - (see below)
Technical Cyber Incident Responder Salary: £65-£80k + Strong Bonus + Benefits Location: UK Wide I am currently partnered with a NCSC accredited Cyber Incident Response provider who are looking for a technical Cyber Incident Responder to complement their established practice and take the lead on complex cyber DFIR investigations. This team is integral in responding to any external threats faced by clients, identifying, and preventing the root cause effectively and swiftly. This is a seriously exciting opportunity for a technical Digital Forensics & Incident Response (DFIR) lead to join one of the most established Incident Response practices in the world, gain access to some of the highest profile and sophisticated incidents out there; and focus exclusively on hands-on investigative pieces of work, away from the incident management and planning side of things. Key Responsibilities Act as a lead and technical escalation point on the most complex Digital Forensics & Incident Response investigations. Work closely with security research team to develop new and innovative investigations tooling and methodologies. Mentor and train junior team members through complex incident response investigations. Required Skills In-depth knowledge of various Incident Response techniques and procedures. Evidence of responding to, containing, and remediating high profile and high severity incidents. Experience conducting investigations and responding to incidents in cloud settings, such as AWS, GCP, and Azure. Previous consulting experience. This is an incredible opportunity for an experienced, technically minded Digital Forensics & Incident Response consultant to join one of the most established and NCSC accredited Cyber Incident Response firms in the world; and focus their time exclusively on responding to the highest severity incidents. Lawrence Harvey is acting as an Employment Business in regards to this position.
14/05/2024
Full time
Technical Cyber Incident Responder Salary: £65-£80k + Strong Bonus + Benefits Location: UK Wide I am currently partnered with a NCSC accredited Cyber Incident Response provider who are looking for a technical Cyber Incident Responder to complement their established practice and take the lead on complex cyber DFIR investigations. This team is integral in responding to any external threats faced by clients, identifying, and preventing the root cause effectively and swiftly. This is a seriously exciting opportunity for a technical Digital Forensics & Incident Response (DFIR) lead to join one of the most established Incident Response practices in the world, gain access to some of the highest profile and sophisticated incidents out there; and focus exclusively on hands-on investigative pieces of work, away from the incident management and planning side of things. Key Responsibilities Act as a lead and technical escalation point on the most complex Digital Forensics & Incident Response investigations. Work closely with security research team to develop new and innovative investigations tooling and methodologies. Mentor and train junior team members through complex incident response investigations. Required Skills In-depth knowledge of various Incident Response techniques and procedures. Evidence of responding to, containing, and remediating high profile and high severity incidents. Experience conducting investigations and responding to incidents in cloud settings, such as AWS, GCP, and Azure. Previous consulting experience. This is an incredible opportunity for an experienced, technically minded Digital Forensics & Incident Response consultant to join one of the most established and NCSC accredited Cyber Incident Response firms in the world; and focus their time exclusively on responding to the highest severity incidents. Lawrence Harvey is acting as an Employment Business in regards to this position.